Vulnerabilities > Apple > Macos > 12.6.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-26 | CVE-2023-28320 | Resource Exhaustion vulnerability in multiple products A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. | 5.9 |
2023-05-26 | CVE-2023-28321 | Improper Certificate Validation vulnerability in multiple products An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. | 5.9 |
2023-05-26 | CVE-2023-28322 | An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. | 3.7 |
2023-05-19 | CVE-2023-30774 | Out-of-bounds Write vulnerability in multiple products A vulnerability was found in the libtiff library. | 5.5 |
2023-05-08 | CVE-2022-46720 | Integer Overflow or Wraparound vulnerability in Apple Ipados and Iphone OS An integer overflow was addressed with improved input validation. | 8.6 |
2023-02-27 | CVE-2022-46705 | Unspecified vulnerability in Apple products A spoofing issue existed in the handling of URLs. | 4.3 |
2023-01-18 | CVE-2023-22809 | Improper Privilege Management vulnerability in multiple products In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. | 7.8 |
2022-12-15 | CVE-2022-32833 | Unspecified vulnerability in Apple Iphone OS An issue existed with the file paths used to store website data. | 5.3 |
2022-12-15 | CVE-2022-32945 | Unspecified vulnerability in Apple Macos An access issue was addressed with additional sandbox restrictions on third-party apps. | 4.3 |
2022-12-15 | CVE-2022-42859 | Unspecified vulnerability in Apple products Multiple issues were addressed by removing the vulnerable code. | 5.5 |